From a7e6c6688aee70d20f139a133810f0a258cf6c27 Mon Sep 17 00:00:00 2001 From: jgilaber Date: Tue, 1 Oct 2024 16:08:26 +0200 Subject: [PATCH 1/2] [POC] Add an adoption VA to setup networking Create an adoption VA the will be used to install the operators, and setup nncp and netconfig. The idea is that this VA will be shared between all the different adoption uni-jobs. --- automation/vars/adoption.yaml | 27 ++ examples/va/adoption/.gitignore | 4 + examples/va/adoption/README.md | 39 +++ examples/va/adoption/control-plane/.gitignore | 1 + .../adoption/control-plane/kustomization.yaml | 12 + .../va/adoption/control-plane/nncp/.gitignore | 1 + .../control-plane/nncp/kustomization.yaml | 24 ++ .../adoption/control-plane/nncp/values.yaml | 195 +++++++++++ examples/va/adoption/networking.yaml | 322 ++++++++++++++++++ va/adoption/README.md | 11 + va/adoption/kustomization.yaml | 75 ++++ va/adoption/namespace.yaml | 12 + .../networking/metallb/kustomization.yaml | 36 ++ .../metallb/metallb_l2advertisement.yaml | 11 + .../networking/metallb/ocp_ip_pools.yaml | 8 + va/adoption/networking/nad/kustomization.yaml | 35 ++ .../nad/ocp_networks_netattach.yaml | 8 + .../networking/netconfig/kustomization.yaml | 36 ++ va/adoption/nncp/kustomization.yaml | 21 ++ 19 files changed, 878 insertions(+) create mode 100644 automation/vars/adoption.yaml create mode 100644 examples/va/adoption/.gitignore create mode 100644 examples/va/adoption/README.md create mode 100644 examples/va/adoption/control-plane/.gitignore create mode 100644 examples/va/adoption/control-plane/kustomization.yaml create mode 100644 examples/va/adoption/control-plane/nncp/.gitignore create mode 100644 examples/va/adoption/control-plane/nncp/kustomization.yaml create mode 100644 examples/va/adoption/control-plane/nncp/values.yaml create mode 100644 examples/va/adoption/networking.yaml create mode 100644 va/adoption/README.md create mode 100644 va/adoption/kustomization.yaml create mode 100644 va/adoption/namespace.yaml create mode 100644 va/adoption/networking/metallb/kustomization.yaml create mode 100644 va/adoption/networking/metallb/metallb_l2advertisement.yaml create mode 100644 va/adoption/networking/metallb/ocp_ip_pools.yaml create mode 100644 va/adoption/networking/nad/kustomization.yaml create mode 100644 va/adoption/networking/nad/ocp_networks_netattach.yaml create mode 100644 va/adoption/networking/netconfig/kustomization.yaml create mode 100644 va/adoption/nncp/kustomization.yaml diff --git a/automation/vars/adoption.yaml b/automation/vars/adoption.yaml new file mode 100644 index 000000000..11188ad17 --- /dev/null +++ b/automation/vars/adoption.yaml @@ -0,0 +1,27 @@ +--- +vas: + adoption: + stages: + - path: examples/va/adoption/control-plane/nncp + wait_conditions: + - >- + oc -n openstack wait nncp + -l osp/nncm-config-type=standard + --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured + --timeout=5m + values: + - name: network-values + src_file: values.yaml + build_output: nncp.yaml + + - path: examples/va/adoption/control-plane + wait_conditions: + - >- + oc -n openstack wait nncp + -l osp/nncm-config-type=standard + --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured + --timeout=5m + values: + - name: network-values + src_file: nncp/values.yaml + build_output: ../networking.yaml diff --git a/examples/va/adoption/.gitignore b/examples/va/adoption/.gitignore new file mode 100644 index 000000000..205810519 --- /dev/null +++ b/examples/va/adoption/.gitignore @@ -0,0 +1,4 @@ +nncp.yaml +control-plane.yaml +dataplane-pre-ceph.yaml +dataplane-post-ceph.yaml diff --git a/examples/va/adoption/README.md b/examples/va/adoption/README.md new file mode 100644 index 000000000..98b65c0aa --- /dev/null +++ b/examples/va/adoption/README.md @@ -0,0 +1,39 @@ +# Hyperconverged OpenStack and Ceph + +**Based on OpenStack K8S operators from the "main" branch of the [OpenStack Operator repo](https://github.com/openstack-k8s-operators/openstack-operator/commit/aa63bf3931f74722dd48af8a0914233b2b384330) on Dec 19th, 2023** + +This is a collection of CR templates that represent a validated Red Hat OpenStack Services on OpenShift deployment that has the following characteristics: + +- 3 master/worker combo-node OpenShift cluster +- 3-replica Galera database +- RabbitMQ +- OVN networking +- Network isolation over a single NIC +- 3 compute nodes +- CephHCI installed on compute nodes and used by various OSP services + - Cinder Volume using RBD for backend + - Cinder Backup using RBD for backend + - Glance using RBD for backend + - Nova using RBD for ephemeral storage + - Manila using CephFS for backend + +## Considerations + +1. These CRs are validated for the overall functionality of the OSP cloud deployed, but they nonetheless require customization for the particular environment in which they are utilized. In this sense they are _templates_ meant to be consumed and tweaked to fit the specific constraints of the hardware available. + +2. The CRs are applied against an OpenShift cluster in _stages_. That is, there is an ordering in which each grouping of CRs is fed to the cluster. It is _not_ a case of simply taking all CRs from all stages and applying them all at once. + +3. In stages 1 and 2 [kustomize](https://kustomize.io/) is used to genereate the control plane CRs dynamically. The `control-plane/nncp/values.yaml` file(s) must be updated to fit your environment. kustomize version 5 or newer required. + +4. In stages 3 and 4 [kustomize](https://kustomize.io/) is used to generate the dataplane CRs dynamically. The `edpm-pre-ceph/values.yaml`, `values.yaml` and `service-values.yaml` files must be updated to fit your environment. kustomize version 5 or newer required. + +5. Between stages 3 and 4, _it is assumed that the user installs Ceph on the 3 OSP compute nodes._ OpenStack K8S CRDs do not provide a way to install Ceph via any sort of combination of CRs. + +## Stages + +All stages must be executed in the order listed below. Everything is required unless otherwise indicated. + +1. [Install the OpenStack K8S operators and their dependencies](../../common/) +2. [Configuring networking and deploy the OpenStack control plane](control-plane.md) +3. [Configure and deploy the initial data plane to prepare for Ceph installation](dataplane-pre-ceph.md) +4. [Update the control plane and finish deploying the data plane after Ceph has been installed](dataplane-post-ceph.md) diff --git a/examples/va/adoption/control-plane/.gitignore b/examples/va/adoption/control-plane/.gitignore new file mode 100644 index 000000000..3df8f53be --- /dev/null +++ b/examples/va/adoption/control-plane/.gitignore @@ -0,0 +1 @@ +control-plane.yaml diff --git a/examples/va/adoption/control-plane/kustomization.yaml b/examples/va/adoption/control-plane/kustomization.yaml new file mode 100644 index 000000000..9dd0575ec --- /dev/null +++ b/examples/va/adoption/control-plane/kustomization.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../../va/adoption/ + # - https://github.com/openstack-k8s-operators/architecture/va/hci?ref=main + ## It's possible to replace ../../../../va/hci/ with a git checkout URL as per: + ## https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md + +resources: + - nncp/values.yaml diff --git a/examples/va/adoption/control-plane/nncp/.gitignore b/examples/va/adoption/control-plane/nncp/.gitignore new file mode 100644 index 000000000..51ed8a956 --- /dev/null +++ b/examples/va/adoption/control-plane/nncp/.gitignore @@ -0,0 +1 @@ +nncp.yaml diff --git a/examples/va/adoption/control-plane/nncp/kustomization.yaml b/examples/va/adoption/control-plane/nncp/kustomization.yaml new file mode 100644 index 000000000..626b73ed3 --- /dev/null +++ b/examples/va/adoption/control-plane/nncp/kustomization.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../../../../va/adoption/nncp + +resources: + - values.yaml diff --git a/examples/va/adoption/control-plane/nncp/values.yaml b/examples/va/adoption/control-plane/nncp/values.yaml new file mode 100644 index 000000000..75e2e8f3d --- /dev/null +++ b/examples/va/adoption/control-plane/nncp/values.yaml @@ -0,0 +1,195 @@ +apiVersion: v1 +data: + bridgeName: ospbr + ctlplane: + dnsDomain: ctlplane.example.com + endpoint_annotations: + metallb.universe.tf/address-pool: ctlplane + metallb.universe.tf/allow-shared-ip: ctlplane + metallb.universe.tf/loadBalancerIPs: 192.168.122.80 + iface: enp7s0 + lb_addresses: + - 192.168.122.80-192.168.122.90 + mtu: 1500 + net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"ctlplane\",\n + \ \"type\": \"macvlan\",\n \"master\": \"ospbr\",\n \"ipam\": {\n \"type\": + \"whereabouts\",\n \"range\": \"192.168.122.0/24\",\n \"range_start\": + \"192.168.122.30\",\n \"range_end\": \"192.168.122.70\"\n }\n}\n" + prefix-length: 24 + subnets: + - allocationRanges: + - end: 192.168.122.120 + start: 192.168.122.100 + - end: 192.168.122.170 + start: 192.168.122.150 + cidr: 192.168.122.0/24 + gateway: 192.168.122.1 + name: subnet1 + datacentre: + net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"datacentre\",\n + \ \"type\": \"bridge\",\n \"bridge\": \"ospbr\",\n \"ipam\": {}\n}\n" + dns-resolver: + config: + search: [] + server: + - 192.168.122.1 + options: + - key: server + values: + - 192.168.122.1 + external: + dnsDomain: external.example.com + mtu: 1496 + prefix-length: 24 + subnets: + - allocationRanges: + - end: 172.21.0.250 + start: 172.21.0.100 + cidr: 172.21.0.0/24 + name: subnet1 + vlan: 44 + vlan: 44 + internalapi: + base_iface: enp7s0 + dnsDomain: internalapi.example.com + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/allow-shared-ip: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.80 + iface: internalapi + lb_addresses: + - 172.17.0.80-172.17.0.90 + mtu: 1496 + net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"internalapi\",\n + \ \"type\": \"macvlan\",\n \"master\": \"internalapi\",\n \"ipam\": + {\n \"type\": \"whereabouts\",\n \"range\": \"172.17.0.0/24\",\n + \ \"range_start\": \"172.17.0.30\",\n \"range_end\": \"172.17.0.70\"\n + \ }\n}\n" + prefix-length: 24 + subnets: + - allocationRanges: + - end: 172.17.0.250 + start: 172.17.0.100 + cidr: 172.17.0.0/24 + name: subnet1 + vlan: 20 + vlan: 20 + lbServiceType: LoadBalancer + node_0: + ctlplane_ip: 192.168.122.10 + internalapi_ip: 172.17.0.10 + name: master-0 + storage_ip: 172.18.0.10 + tenant_ip: 172.19.0.10 + node_1: + ctlplane_ip: 192.168.122.11 + internalapi_ip: 172.17.0.11 + name: master-1 + storage_ip: 172.18.0.11 + tenant_ip: 172.19.0.11 + node_2: + ctlplane_ip: 192.168.122.12 + internalapi_ip: 172.17.0.12 + name: master-2 + storage_ip: 172.18.0.12 + tenant_ip: 172.19.0.12 + ocpbm: + dnsDomain: ocpbm.example.com + mtu: 1500 + prefix-length: 24 + rabbitmq: + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.85 + rabbitmq-cell1: + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.86 + routes: + config: [] + storage: + base_iface: enp7s0 + dnsDomain: storage.example.com + endpoint_annotations: + metallb.universe.tf/address-pool: storage + metallb.universe.tf/allow-shared-ip: storage + metallb.universe.tf/loadBalancerIPs: 172.18.0.80 + iface: storage + lb_addresses: + - 172.18.0.80-172.18.0.90 + mtu: 1496 + net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"storage\",\n + \ \"type\": \"macvlan\",\n \"master\": \"storage\",\n \"ipam\": {\n + \ \"type\": \"whereabouts\",\n \"range\": \"172.18.0.0/24\",\n \"range_start\": + \"172.18.0.30\",\n \"range_end\": \"172.18.0.70\"\n }\n}\n" + prefix-length: 24 + subnets: + - allocationRanges: + - end: 172.18.0.250 + start: 172.18.0.100 + cidr: 172.18.0.0/24 + name: subnet1 + vlan: 21 + vlan: 21 + storageClass: lvms-local-storage + storagemgmt: + dnsDomain: storagemgmt.example.com + mtu: 1500 + prefix-length: 24 + subnets: + - allocationRanges: + - end: 172.20.0.250 + start: 172.20.0.100 + cidr: 172.20.0.0/24 + name: subnet1 + vlan: 23 + vlan: 23 + swift: + base_iface: enp6s0 + dnsDomain: swift.example.com + iface: swift + lb_addresses: + - 172.22.0.80-172.22.0.90 + mtu: 1500 + net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"swift\",\n + \ \"type\": \"macvlan\",\n \"master\": \"swift\",\n \"ipam\": {\n \"type\": + \"whereabouts\",\n \"range\": \"172.22.0.0/24\",\n \"range_start\": + \"172.22.0.30\",\n \"range_end\": \"172.22.0.70\"\n }\n}\n" + prefix-length: 24 + subnets: + - allocationRanges: + - end: 172.22.0.250 + start: 172.22.0.100 + cidr: 172.22.0.0/24 + name: subnet1 + vlan: 25 + vlan: 25 + tenant: + base_iface: enp7s0 + dnsDomain: tenant.example.com + endpoint_annotations: + metallb.universe.tf/address-pool: tenant + metallb.universe.tf/allow-shared-ip: tenant + metallb.universe.tf/loadBalancerIPs: 172.19.0.80 + iface: tenant + lb_addresses: + - 172.19.0.80-172.19.0.90 + mtu: 1496 + net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"tenant\",\n + \ \"type\": \"macvlan\",\n \"master\": \"tenant\",\n \"ipam\": {\n \"type\": + \"whereabouts\",\n \"range\": \"172.19.0.0/24\",\n \"range_start\": + \"172.19.0.30\",\n \"range_end\": \"172.19.0.70\"\n }\n}\n" + prefix-length: 24 + subnets: + - allocationRanges: + - end: 172.19.0.250 + start: 172.19.0.100 + cidr: 172.19.0.0/24 + name: subnet1 + vlan: 22 + vlan: 22 +kind: ConfigMap +metadata: + annotations: + config.kubernetes.io/local-config: 'true' + name: network-values diff --git a/examples/va/adoption/networking.yaml b/examples/va/adoption/networking.yaml new file mode 100644 index 000000000..d79d041b9 --- /dev/null +++ b/examples/va/adoption/networking.yaml @@ -0,0 +1,322 @@ +apiVersion: k8s.cni.cncf.io/v1 +kind: NetworkAttachmentDefinition +metadata: + labels: + osp/net: ctlplane + osp/net-attach-def-type: standard + name: ctlplane + namespace: openstack +spec: + config: | + { + "cniVersion": "0.3.1", + "name": "ctlplane", + "type": "macvlan", + "master": "ospbr", + "ipam": { + "type": "whereabouts", + "range": "192.168.122.0/24", + "range_start": "192.168.122.30", + "range_end": "192.168.122.70" + } + } +--- +apiVersion: k8s.cni.cncf.io/v1 +kind: NetworkAttachmentDefinition +metadata: + labels: + osp/net: datacentre + osp/net-attach-def-type: standard + name: datacentre + namespace: openstack +spec: + config: | + { + "cniVersion": "0.3.1", + "name": "datacentre", + "type": "bridge", + "bridge": "ospbr", + "ipam": {} + } +--- +apiVersion: k8s.cni.cncf.io/v1 +kind: NetworkAttachmentDefinition +metadata: + labels: + osp/net: internalapi + osp/net-attach-def-type: standard + name: internalapi + namespace: openstack +spec: + config: | + { + "cniVersion": "0.3.1", + "name": "internalapi", + "type": "macvlan", + "master": "internalapi", + "ipam": { + "type": "whereabouts", + "range": "172.17.0.0/24", + "range_start": "172.17.0.30", + "range_end": "172.17.0.70" + } + } +--- +apiVersion: k8s.cni.cncf.io/v1 +kind: NetworkAttachmentDefinition +metadata: + labels: + osp/net: storage + osp/net-attach-def-type: standard + name: storage + namespace: openstack +spec: + config: | + { + "cniVersion": "0.3.1", + "name": "storage", + "type": "macvlan", + "master": "storage", + "ipam": { + "type": "whereabouts", + "range": "172.18.0.0/24", + "range_start": "172.18.0.30", + "range_end": "172.18.0.70" + } + } +--- +apiVersion: k8s.cni.cncf.io/v1 +kind: NetworkAttachmentDefinition +metadata: + labels: + osp/net: swift + osp/net-attach-def-type: standard + name: swift + namespace: openstack +spec: + config: | + { + "cniVersion": "0.3.1", + "name": "swift", + "type": "macvlan", + "master": "swift", + "ipam": { + "type": "whereabouts", + "range": "172.22.0.0/24", + "range_start": "172.22.0.30", + "range_end": "172.22.0.70" + } + } +--- +apiVersion: k8s.cni.cncf.io/v1 +kind: NetworkAttachmentDefinition +metadata: + labels: + osp/net: tenant + osp/net-attach-def-type: standard + name: tenant + namespace: openstack +spec: + config: | + { + "cniVersion": "0.3.1", + "name": "tenant", + "type": "macvlan", + "master": "tenant", + "ipam": { + "type": "whereabouts", + "range": "172.19.0.0/24", + "range_start": "172.19.0.30", + "range_end": "172.19.0.70" + } + } +--- +apiVersion: metallb.io/v1beta1 +kind: IPAddressPool +metadata: + labels: + osp/lb-addresses-type: standard + name: ctlplane + namespace: metallb-system +spec: + addresses: + - 192.168.122.80-192.168.122.90 +--- +apiVersion: metallb.io/v1beta1 +kind: IPAddressPool +metadata: + labels: + osp/lb-addresses-type: standard + name: internalapi + namespace: metallb-system +spec: + addresses: + - 172.17.0.80-172.17.0.90 +--- +apiVersion: metallb.io/v1beta1 +kind: IPAddressPool +metadata: + labels: + osp/lb-addresses-type: standard + name: storage + namespace: metallb-system +spec: + addresses: + - 172.18.0.80-172.18.0.90 +--- +apiVersion: metallb.io/v1beta1 +kind: IPAddressPool +metadata: + labels: + osp/lb-addresses-type: standard + name: swift + namespace: metallb-system +spec: + addresses: + - 172.22.0.80-172.22.0.90 +--- +apiVersion: metallb.io/v1beta1 +kind: IPAddressPool +metadata: + labels: + osp/lb-addresses-type: standard + name: tenant + namespace: metallb-system +spec: + addresses: + - 172.19.0.80-172.19.0.90 +--- +apiVersion: metallb.io/v1beta1 +kind: L2Advertisement +metadata: + name: ctlplane + namespace: metallb-system +spec: + interfaces: + - ospbr + ipAddressPools: + - ctlplane +--- +apiVersion: metallb.io/v1beta1 +kind: L2Advertisement +metadata: + name: internalapi + namespace: metallb-system +spec: + interfaces: + - internalapi + ipAddressPools: + - internalapi +--- +apiVersion: metallb.io/v1beta1 +kind: L2Advertisement +metadata: + name: storage + namespace: metallb-system +spec: + interfaces: + - storage + ipAddressPools: + - storage +--- +apiVersion: metallb.io/v1beta1 +kind: L2Advertisement +metadata: + name: swift + namespace: metallb-system +spec: + interfaces: + - swift + ipAddressPools: + - swift +--- +apiVersion: metallb.io/v1beta1 +kind: L2Advertisement +metadata: + name: tenant + namespace: metallb-system +spec: + interfaces: + - tenant + ipAddressPools: + - tenant +--- +apiVersion: network.openstack.org/v1beta1 +kind: NetConfig +metadata: + name: netconfig + namespace: openstack +spec: + networks: + - dnsDomain: ctlplane.example.com + mtu: 1500 + name: ctlplane + subnets: + - allocationRanges: + - end: 192.168.122.120 + start: 192.168.122.100 + - end: 192.168.122.170 + start: 192.168.122.150 + cidr: 192.168.122.0/24 + gateway: 192.168.122.1 + name: subnet1 + - dnsDomain: internalapi.example.com + mtu: 1496 + name: internalapi + subnets: + - allocationRanges: + - end: 172.17.0.250 + start: 172.17.0.100 + cidr: 172.17.0.0/24 + name: subnet1 + vlan: 20 + - dnsDomain: external.example.com + mtu: 1496 + name: external + subnets: + - allocationRanges: + - end: 172.21.0.250 + start: 172.21.0.100 + cidr: 172.21.0.0/24 + name: subnet1 + vlan: 44 + - dnsDomain: storage.example.com + mtu: 1496 + name: storage + subnets: + - allocationRanges: + - end: 172.18.0.250 + start: 172.18.0.100 + cidr: 172.18.0.0/24 + name: subnet1 + vlan: 21 + - dnsDomain: tenant.example.com + mtu: 1496 + name: tenant + subnets: + - allocationRanges: + - end: 172.19.0.250 + start: 172.19.0.100 + cidr: 172.19.0.0/24 + name: subnet1 + vlan: 22 + - dnsDomain: swift.example.com + mtu: 1500 + name: swift + subnets: + - allocationRanges: + - end: 172.22.0.250 + start: 172.22.0.100 + cidr: 172.22.0.0/24 + name: subnet1 + vlan: 25 + - dnsDomain: storagemgmt.example.com + mtu: 1500 + name: storagemgmt + subnets: + - allocationRanges: + - end: 172.20.0.250 + start: 172.20.0.100 + cidr: 172.20.0.0/24 + name: subnet1 + vlan: 23 \ No newline at end of file diff --git a/va/adoption/README.md b/va/adoption/README.md new file mode 100644 index 000000000..522d5615b --- /dev/null +++ b/va/adoption/README.md @@ -0,0 +1,11 @@ +# VA: HCI + +If you are looking for information on how to deploy the HCI VA, then +please see the +[HCI README in the examples directory](../../examples/va/hci/README.md). + +This directory, `architecture/va/hci/`, exists so that the +[kustomization.yaml](../../examples/va/hci/kustomization.yaml) +in the examples directory for the HCI VA, reference it by path as a +component. Its contents are likely uninteresting unless you want to +understand how kustomize was implemented in this repository. diff --git a/va/adoption/kustomization.yaml b/va/adoption/kustomization.yaml new file mode 100644 index 000000000..f0e686cc0 --- /dev/null +++ b/va/adoption/kustomization.yaml @@ -0,0 +1,75 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../lib/networking/metallb + - networking/metallb + - ../../lib/networking/netconfig + - networking/netconfig + - ../../lib/networking/nad + - networking/nad + +# Add storagemgmt network template, as it is needed for CephHCI +patches: + - target: + version: v1beta1 + kind: NetConfig + name: netconfig + patch: |- + - op: add + path: /spec/networks/- + value: + dnsDomain: _replaced_ + name: storagemgmt + subnets: + - _replaced_ + mtu: 1500 + +# Add storagemgmt network replacements +replacements: + # NetConfig dnsDomain specific to this VA + - source: + kind: ConfigMap + name: network-values + fieldPath: data.storagemgmt.dnsDomain + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=storagemgmt].dnsDomain + # NetConfig MTU specific to this VA + - source: + kind: ConfigMap + name: network-values + fieldPath: data.storagemgmt.mtu + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=storagemgmt].mtu + # NetConfig subnets specific to this VA + - source: + kind: ConfigMap + name: network-values + fieldPath: data.storagemgmt.subnets + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=storagemgmt].subnets diff --git a/va/adoption/namespace.yaml b/va/adoption/namespace.yaml new file mode 100644 index 000000000..60a6e8c42 --- /dev/null +++ b/va/adoption/namespace.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: builtin +kind: NamespaceTransformer +metadata: + name: _ignored_ + namespace: openstack +setRoleBindingSubjects: none +unsetOnly: true +fieldSpecs: + - path: metadata/name + kind: Namespace + create: true diff --git a/va/adoption/networking/metallb/kustomization.yaml b/va/adoption/networking/metallb/kustomization.yaml new file mode 100644 index 000000000..94b3620d3 --- /dev/null +++ b/va/adoption/networking/metallb/kustomization.yaml @@ -0,0 +1,36 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +resources: + - metallb_l2advertisement.yaml + - ocp_ip_pools.yaml + +replacements: + - source: + kind: ConfigMap + name: network-values + fieldPath: data.swift.lb_addresses + targets: + - select: + group: metallb.io + kind: IPAddressPool + name: swift + fieldPaths: + - spec.addresses + options: + create: true + + - source: + kind: ConfigMap + name: network-values + fieldPath: data.swift.iface + targets: + - select: + group: metallb.io + kind: L2Advertisement + name: swift + fieldPaths: + - spec.interfaces.0 + options: + create: true diff --git a/va/adoption/networking/metallb/metallb_l2advertisement.yaml b/va/adoption/networking/metallb/metallb_l2advertisement.yaml new file mode 100644 index 000000000..651c26eda --- /dev/null +++ b/va/adoption/networking/metallb/metallb_l2advertisement.yaml @@ -0,0 +1,11 @@ +--- +apiVersion: metallb.io/v1beta1 +kind: L2Advertisement +metadata: + name: swift + namespace: metallb-system +spec: + ipAddressPools: + - swift + interfaces: + - _replaced_ diff --git a/va/adoption/networking/metallb/ocp_ip_pools.yaml b/va/adoption/networking/metallb/ocp_ip_pools.yaml new file mode 100644 index 000000000..a7945afa1 --- /dev/null +++ b/va/adoption/networking/metallb/ocp_ip_pools.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: metallb.io/v1beta1 +kind: IPAddressPool +metadata: + namespace: metallb-system + name: swift + labels: + osp/lb-addresses-type: standard diff --git a/va/adoption/networking/nad/kustomization.yaml b/va/adoption/networking/nad/kustomization.yaml new file mode 100644 index 000000000..1ce809c3f --- /dev/null +++ b/va/adoption/networking/nad/kustomization.yaml @@ -0,0 +1,35 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +resources: + - ocp_networks_netattach.yaml + +replacements: + - source: + kind: ConfigMap + name: network-values + fieldPath: data.swift.net-attach-def + targets: + - select: + kind: NetworkAttachmentDefinition + name: swift + fieldPaths: + - spec.config + options: + create: true diff --git a/va/adoption/networking/nad/ocp_networks_netattach.yaml b/va/adoption/networking/nad/ocp_networks_netattach.yaml new file mode 100644 index 000000000..da7763fad --- /dev/null +++ b/va/adoption/networking/nad/ocp_networks_netattach.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: k8s.cni.cncf.io/v1 +kind: NetworkAttachmentDefinition +metadata: + name: swift + labels: + osp/net: swift + osp/net-attach-def-type: standard diff --git a/va/adoption/networking/netconfig/kustomization.yaml b/va/adoption/networking/netconfig/kustomization.yaml new file mode 100644 index 000000000..b18740075 --- /dev/null +++ b/va/adoption/networking/netconfig/kustomization.yaml @@ -0,0 +1,36 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +patches: + - target: + kind: NetConfig + patch: |- + - op: add + path: /spec/networks/- + value: + name: swift + mtu: 1500 + dnsDomain: _replaced_ + subnets: + - _replaced_ + +replacements: + - source: + kind: ConfigMap + name: network-values + fieldPath: data.swift.dnsDomain + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=swift].dnsDomain + - source: + kind: ConfigMap + name: network-values + fieldPath: data.swift.subnets + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=swift].subnets diff --git a/va/adoption/nncp/kustomization.yaml b/va/adoption/nncp/kustomization.yaml new file mode 100644 index 000000000..9c29c7007 --- /dev/null +++ b/va/adoption/nncp/kustomization.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../../lib/nncp From d8fce94c5836e64d87505cf1d39bfd3aba8c9aa2 Mon Sep 17 00:00:00 2001 From: jgilaber Date: Wed, 23 Oct 2024 15:11:28 +0200 Subject: [PATCH 2/2] Try just defining a new automation file for adoption This reverts commit a7e6c6688aee70d20f139a133810f0a258cf6c27. --- .../vars/{adoption.yaml => hci-adoption.yaml} | 8 +- examples/va/adoption/.gitignore | 4 - examples/va/adoption/README.md | 39 --- examples/va/adoption/control-plane/.gitignore | 1 - .../adoption/control-plane/kustomization.yaml | 12 - .../va/adoption/control-plane/nncp/.gitignore | 1 - .../control-plane/nncp/kustomization.yaml | 24 -- .../adoption/control-plane/nncp/values.yaml | 195 ----------- examples/va/adoption/networking.yaml | 322 ------------------ va/adoption/README.md | 11 - va/adoption/kustomization.yaml | 75 ---- va/adoption/namespace.yaml | 12 - .../networking/metallb/kustomization.yaml | 36 -- .../metallb/metallb_l2advertisement.yaml | 11 - .../networking/metallb/ocp_ip_pools.yaml | 8 - va/adoption/networking/nad/kustomization.yaml | 35 -- .../nad/ocp_networks_netattach.yaml | 8 - .../networking/netconfig/kustomization.yaml | 36 -- va/adoption/nncp/kustomization.yaml | 21 -- 19 files changed, 4 insertions(+), 855 deletions(-) rename automation/vars/{adoption.yaml => hci-adoption.yaml} (81%) delete mode 100644 examples/va/adoption/.gitignore delete mode 100644 examples/va/adoption/README.md delete mode 100644 examples/va/adoption/control-plane/.gitignore delete mode 100644 examples/va/adoption/control-plane/kustomization.yaml delete mode 100644 examples/va/adoption/control-plane/nncp/.gitignore delete mode 100644 examples/va/adoption/control-plane/nncp/kustomization.yaml delete mode 100644 examples/va/adoption/control-plane/nncp/values.yaml delete mode 100644 examples/va/adoption/networking.yaml delete mode 100644 va/adoption/README.md delete mode 100644 va/adoption/kustomization.yaml delete mode 100644 va/adoption/namespace.yaml delete mode 100644 va/adoption/networking/metallb/kustomization.yaml delete mode 100644 va/adoption/networking/metallb/metallb_l2advertisement.yaml delete mode 100644 va/adoption/networking/metallb/ocp_ip_pools.yaml delete mode 100644 va/adoption/networking/nad/kustomization.yaml delete mode 100644 va/adoption/networking/nad/ocp_networks_netattach.yaml delete mode 100644 va/adoption/networking/netconfig/kustomization.yaml delete mode 100644 va/adoption/nncp/kustomization.yaml diff --git a/automation/vars/adoption.yaml b/automation/vars/hci-adoption.yaml similarity index 81% rename from automation/vars/adoption.yaml rename to automation/vars/hci-adoption.yaml index 11188ad17..37709ca35 100644 --- a/automation/vars/adoption.yaml +++ b/automation/vars/hci-adoption.yaml @@ -1,8 +1,8 @@ --- vas: - adoption: + hci-adoption: stages: - - path: examples/va/adoption/control-plane/nncp + - path: examples/va/hci/control-plane/nncp wait_conditions: - >- oc -n openstack wait nncp @@ -14,7 +14,7 @@ vas: src_file: values.yaml build_output: nncp.yaml - - path: examples/va/adoption/control-plane + - path: examples/va/hci/control-plane wait_conditions: - >- oc -n openstack wait nncp @@ -24,4 +24,4 @@ vas: values: - name: network-values src_file: nncp/values.yaml - build_output: ../networking.yaml + build_output: networking.yaml diff --git a/examples/va/adoption/.gitignore b/examples/va/adoption/.gitignore deleted file mode 100644 index 205810519..000000000 --- a/examples/va/adoption/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -nncp.yaml -control-plane.yaml -dataplane-pre-ceph.yaml -dataplane-post-ceph.yaml diff --git a/examples/va/adoption/README.md b/examples/va/adoption/README.md deleted file mode 100644 index 98b65c0aa..000000000 --- a/examples/va/adoption/README.md +++ /dev/null @@ -1,39 +0,0 @@ -# Hyperconverged OpenStack and Ceph - -**Based on OpenStack K8S operators from the "main" branch of the [OpenStack Operator repo](https://github.com/openstack-k8s-operators/openstack-operator/commit/aa63bf3931f74722dd48af8a0914233b2b384330) on Dec 19th, 2023** - -This is a collection of CR templates that represent a validated Red Hat OpenStack Services on OpenShift deployment that has the following characteristics: - -- 3 master/worker combo-node OpenShift cluster -- 3-replica Galera database -- RabbitMQ -- OVN networking -- Network isolation over a single NIC -- 3 compute nodes -- CephHCI installed on compute nodes and used by various OSP services - - Cinder Volume using RBD for backend - - Cinder Backup using RBD for backend - - Glance using RBD for backend - - Nova using RBD for ephemeral storage - - Manila using CephFS for backend - -## Considerations - -1. These CRs are validated for the overall functionality of the OSP cloud deployed, but they nonetheless require customization for the particular environment in which they are utilized. In this sense they are _templates_ meant to be consumed and tweaked to fit the specific constraints of the hardware available. - -2. The CRs are applied against an OpenShift cluster in _stages_. That is, there is an ordering in which each grouping of CRs is fed to the cluster. It is _not_ a case of simply taking all CRs from all stages and applying them all at once. - -3. In stages 1 and 2 [kustomize](https://kustomize.io/) is used to genereate the control plane CRs dynamically. The `control-plane/nncp/values.yaml` file(s) must be updated to fit your environment. kustomize version 5 or newer required. - -4. In stages 3 and 4 [kustomize](https://kustomize.io/) is used to generate the dataplane CRs dynamically. The `edpm-pre-ceph/values.yaml`, `values.yaml` and `service-values.yaml` files must be updated to fit your environment. kustomize version 5 or newer required. - -5. Between stages 3 and 4, _it is assumed that the user installs Ceph on the 3 OSP compute nodes._ OpenStack K8S CRDs do not provide a way to install Ceph via any sort of combination of CRs. - -## Stages - -All stages must be executed in the order listed below. Everything is required unless otherwise indicated. - -1. [Install the OpenStack K8S operators and their dependencies](../../common/) -2. [Configuring networking and deploy the OpenStack control plane](control-plane.md) -3. [Configure and deploy the initial data plane to prepare for Ceph installation](dataplane-pre-ceph.md) -4. [Update the control plane and finish deploying the data plane after Ceph has been installed](dataplane-post-ceph.md) diff --git a/examples/va/adoption/control-plane/.gitignore b/examples/va/adoption/control-plane/.gitignore deleted file mode 100644 index 3df8f53be..000000000 --- a/examples/va/adoption/control-plane/.gitignore +++ /dev/null @@ -1 +0,0 @@ -control-plane.yaml diff --git a/examples/va/adoption/control-plane/kustomization.yaml b/examples/va/adoption/control-plane/kustomization.yaml deleted file mode 100644 index 9dd0575ec..000000000 --- a/examples/va/adoption/control-plane/kustomization.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -components: - - ../../../../va/adoption/ - # - https://github.com/openstack-k8s-operators/architecture/va/hci?ref=main - ## It's possible to replace ../../../../va/hci/ with a git checkout URL as per: - ## https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md - -resources: - - nncp/values.yaml diff --git a/examples/va/adoption/control-plane/nncp/.gitignore b/examples/va/adoption/control-plane/nncp/.gitignore deleted file mode 100644 index 51ed8a956..000000000 --- a/examples/va/adoption/control-plane/nncp/.gitignore +++ /dev/null @@ -1 +0,0 @@ -nncp.yaml diff --git a/examples/va/adoption/control-plane/nncp/kustomization.yaml b/examples/va/adoption/control-plane/nncp/kustomization.yaml deleted file mode 100644 index 626b73ed3..000000000 --- a/examples/va/adoption/control-plane/nncp/kustomization.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -transformers: - # Set namespace to OpenStack on all namespaced objects without a namespace - - |- - apiVersion: builtin - kind: NamespaceTransformer - metadata: - name: _ignored_ - namespace: openstack - setRoleBindingSubjects: none - unsetOnly: true - fieldSpecs: - - path: metadata/name - kind: Namespace - create: true - -components: - - ../../../../../va/adoption/nncp - -resources: - - values.yaml diff --git a/examples/va/adoption/control-plane/nncp/values.yaml b/examples/va/adoption/control-plane/nncp/values.yaml deleted file mode 100644 index 75e2e8f3d..000000000 --- a/examples/va/adoption/control-plane/nncp/values.yaml +++ /dev/null @@ -1,195 +0,0 @@ -apiVersion: v1 -data: - bridgeName: ospbr - ctlplane: - dnsDomain: ctlplane.example.com - endpoint_annotations: - metallb.universe.tf/address-pool: ctlplane - metallb.universe.tf/allow-shared-ip: ctlplane - metallb.universe.tf/loadBalancerIPs: 192.168.122.80 - iface: enp7s0 - lb_addresses: - - 192.168.122.80-192.168.122.90 - mtu: 1500 - net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"ctlplane\",\n - \ \"type\": \"macvlan\",\n \"master\": \"ospbr\",\n \"ipam\": {\n \"type\": - \"whereabouts\",\n \"range\": \"192.168.122.0/24\",\n \"range_start\": - \"192.168.122.30\",\n \"range_end\": \"192.168.122.70\"\n }\n}\n" - prefix-length: 24 - subnets: - - allocationRanges: - - end: 192.168.122.120 - start: 192.168.122.100 - - end: 192.168.122.170 - start: 192.168.122.150 - cidr: 192.168.122.0/24 - gateway: 192.168.122.1 - name: subnet1 - datacentre: - net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"datacentre\",\n - \ \"type\": \"bridge\",\n \"bridge\": \"ospbr\",\n \"ipam\": {}\n}\n" - dns-resolver: - config: - search: [] - server: - - 192.168.122.1 - options: - - key: server - values: - - 192.168.122.1 - external: - dnsDomain: external.example.com - mtu: 1496 - prefix-length: 24 - subnets: - - allocationRanges: - - end: 172.21.0.250 - start: 172.21.0.100 - cidr: 172.21.0.0/24 - name: subnet1 - vlan: 44 - vlan: 44 - internalapi: - base_iface: enp7s0 - dnsDomain: internalapi.example.com - endpoint_annotations: - metallb.universe.tf/address-pool: internalapi - metallb.universe.tf/allow-shared-ip: internalapi - metallb.universe.tf/loadBalancerIPs: 172.17.0.80 - iface: internalapi - lb_addresses: - - 172.17.0.80-172.17.0.90 - mtu: 1496 - net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"internalapi\",\n - \ \"type\": \"macvlan\",\n \"master\": \"internalapi\",\n \"ipam\": - {\n \"type\": \"whereabouts\",\n \"range\": \"172.17.0.0/24\",\n - \ \"range_start\": \"172.17.0.30\",\n \"range_end\": \"172.17.0.70\"\n - \ }\n}\n" - prefix-length: 24 - subnets: - - allocationRanges: - - end: 172.17.0.250 - start: 172.17.0.100 - cidr: 172.17.0.0/24 - name: subnet1 - vlan: 20 - vlan: 20 - lbServiceType: LoadBalancer - node_0: - ctlplane_ip: 192.168.122.10 - internalapi_ip: 172.17.0.10 - name: master-0 - storage_ip: 172.18.0.10 - tenant_ip: 172.19.0.10 - node_1: - ctlplane_ip: 192.168.122.11 - internalapi_ip: 172.17.0.11 - name: master-1 - storage_ip: 172.18.0.11 - tenant_ip: 172.19.0.11 - node_2: - ctlplane_ip: 192.168.122.12 - internalapi_ip: 172.17.0.12 - name: master-2 - storage_ip: 172.18.0.12 - tenant_ip: 172.19.0.12 - ocpbm: - dnsDomain: ocpbm.example.com - mtu: 1500 - prefix-length: 24 - rabbitmq: - endpoint_annotations: - metallb.universe.tf/address-pool: internalapi - metallb.universe.tf/loadBalancerIPs: 172.17.0.85 - rabbitmq-cell1: - endpoint_annotations: - metallb.universe.tf/address-pool: internalapi - metallb.universe.tf/loadBalancerIPs: 172.17.0.86 - routes: - config: [] - storage: - base_iface: enp7s0 - dnsDomain: storage.example.com - endpoint_annotations: - metallb.universe.tf/address-pool: storage - metallb.universe.tf/allow-shared-ip: storage - metallb.universe.tf/loadBalancerIPs: 172.18.0.80 - iface: storage - lb_addresses: - - 172.18.0.80-172.18.0.90 - mtu: 1496 - net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"storage\",\n - \ \"type\": \"macvlan\",\n \"master\": \"storage\",\n \"ipam\": {\n - \ \"type\": \"whereabouts\",\n \"range\": \"172.18.0.0/24\",\n \"range_start\": - \"172.18.0.30\",\n \"range_end\": \"172.18.0.70\"\n }\n}\n" - prefix-length: 24 - subnets: - - allocationRanges: - - end: 172.18.0.250 - start: 172.18.0.100 - cidr: 172.18.0.0/24 - name: subnet1 - vlan: 21 - vlan: 21 - storageClass: lvms-local-storage - storagemgmt: - dnsDomain: storagemgmt.example.com - mtu: 1500 - prefix-length: 24 - subnets: - - allocationRanges: - - end: 172.20.0.250 - start: 172.20.0.100 - cidr: 172.20.0.0/24 - name: subnet1 - vlan: 23 - vlan: 23 - swift: - base_iface: enp6s0 - dnsDomain: swift.example.com - iface: swift - lb_addresses: - - 172.22.0.80-172.22.0.90 - mtu: 1500 - net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"swift\",\n - \ \"type\": \"macvlan\",\n \"master\": \"swift\",\n \"ipam\": {\n \"type\": - \"whereabouts\",\n \"range\": \"172.22.0.0/24\",\n \"range_start\": - \"172.22.0.30\",\n \"range_end\": \"172.22.0.70\"\n }\n}\n" - prefix-length: 24 - subnets: - - allocationRanges: - - end: 172.22.0.250 - start: 172.22.0.100 - cidr: 172.22.0.0/24 - name: subnet1 - vlan: 25 - vlan: 25 - tenant: - base_iface: enp7s0 - dnsDomain: tenant.example.com - endpoint_annotations: - metallb.universe.tf/address-pool: tenant - metallb.universe.tf/allow-shared-ip: tenant - metallb.universe.tf/loadBalancerIPs: 172.19.0.80 - iface: tenant - lb_addresses: - - 172.19.0.80-172.19.0.90 - mtu: 1496 - net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"tenant\",\n - \ \"type\": \"macvlan\",\n \"master\": \"tenant\",\n \"ipam\": {\n \"type\": - \"whereabouts\",\n \"range\": \"172.19.0.0/24\",\n \"range_start\": - \"172.19.0.30\",\n \"range_end\": \"172.19.0.70\"\n }\n}\n" - prefix-length: 24 - subnets: - - allocationRanges: - - end: 172.19.0.250 - start: 172.19.0.100 - cidr: 172.19.0.0/24 - name: subnet1 - vlan: 22 - vlan: 22 -kind: ConfigMap -metadata: - annotations: - config.kubernetes.io/local-config: 'true' - name: network-values diff --git a/examples/va/adoption/networking.yaml b/examples/va/adoption/networking.yaml deleted file mode 100644 index d79d041b9..000000000 --- a/examples/va/adoption/networking.yaml +++ /dev/null @@ -1,322 +0,0 @@ -apiVersion: k8s.cni.cncf.io/v1 -kind: NetworkAttachmentDefinition -metadata: - labels: - osp/net: ctlplane - osp/net-attach-def-type: standard - name: ctlplane - namespace: openstack -spec: - config: | - { - "cniVersion": "0.3.1", - "name": "ctlplane", - "type": "macvlan", - "master": "ospbr", - "ipam": { - "type": "whereabouts", - "range": "192.168.122.0/24", - "range_start": "192.168.122.30", - "range_end": "192.168.122.70" - } - } ---- -apiVersion: k8s.cni.cncf.io/v1 -kind: NetworkAttachmentDefinition -metadata: - labels: - osp/net: datacentre - osp/net-attach-def-type: standard - name: datacentre - namespace: openstack -spec: - config: | - { - "cniVersion": "0.3.1", - "name": "datacentre", - "type": "bridge", - "bridge": "ospbr", - "ipam": {} - } ---- -apiVersion: k8s.cni.cncf.io/v1 -kind: NetworkAttachmentDefinition -metadata: - labels: - osp/net: internalapi - osp/net-attach-def-type: standard - name: internalapi - namespace: openstack -spec: - config: | - { - "cniVersion": "0.3.1", - "name": "internalapi", - "type": "macvlan", - "master": "internalapi", - "ipam": { - "type": "whereabouts", - "range": "172.17.0.0/24", - "range_start": "172.17.0.30", - "range_end": "172.17.0.70" - } - } ---- -apiVersion: k8s.cni.cncf.io/v1 -kind: NetworkAttachmentDefinition -metadata: - labels: - osp/net: storage - osp/net-attach-def-type: standard - name: storage - namespace: openstack -spec: - config: | - { - "cniVersion": "0.3.1", - "name": "storage", - "type": "macvlan", - "master": "storage", - "ipam": { - "type": "whereabouts", - "range": "172.18.0.0/24", - "range_start": "172.18.0.30", - "range_end": "172.18.0.70" - } - } ---- -apiVersion: k8s.cni.cncf.io/v1 -kind: NetworkAttachmentDefinition -metadata: - labels: - osp/net: swift - osp/net-attach-def-type: standard - name: swift - namespace: openstack -spec: - config: | - { - "cniVersion": "0.3.1", - "name": "swift", - "type": "macvlan", - "master": "swift", - "ipam": { - "type": "whereabouts", - "range": "172.22.0.0/24", - "range_start": "172.22.0.30", - "range_end": "172.22.0.70" - } - } ---- -apiVersion: k8s.cni.cncf.io/v1 -kind: NetworkAttachmentDefinition -metadata: - labels: - osp/net: tenant - osp/net-attach-def-type: standard - name: tenant - namespace: openstack -spec: - config: | - { - "cniVersion": "0.3.1", - "name": "tenant", - "type": "macvlan", - "master": "tenant", - "ipam": { - "type": "whereabouts", - "range": "172.19.0.0/24", - "range_start": "172.19.0.30", - "range_end": "172.19.0.70" - } - } ---- -apiVersion: metallb.io/v1beta1 -kind: IPAddressPool -metadata: - labels: - osp/lb-addresses-type: standard - name: ctlplane - namespace: metallb-system -spec: - addresses: - - 192.168.122.80-192.168.122.90 ---- -apiVersion: metallb.io/v1beta1 -kind: IPAddressPool -metadata: - labels: - osp/lb-addresses-type: standard - name: internalapi - namespace: metallb-system -spec: - addresses: - - 172.17.0.80-172.17.0.90 ---- -apiVersion: metallb.io/v1beta1 -kind: IPAddressPool -metadata: - labels: - osp/lb-addresses-type: standard - name: storage - namespace: metallb-system -spec: - addresses: - - 172.18.0.80-172.18.0.90 ---- -apiVersion: metallb.io/v1beta1 -kind: IPAddressPool -metadata: - labels: - osp/lb-addresses-type: standard - name: swift - namespace: metallb-system -spec: - addresses: - - 172.22.0.80-172.22.0.90 ---- -apiVersion: metallb.io/v1beta1 -kind: IPAddressPool -metadata: - labels: - osp/lb-addresses-type: standard - name: tenant - namespace: metallb-system -spec: - addresses: - - 172.19.0.80-172.19.0.90 ---- -apiVersion: metallb.io/v1beta1 -kind: L2Advertisement -metadata: - name: ctlplane - namespace: metallb-system -spec: - interfaces: - - ospbr - ipAddressPools: - - ctlplane ---- -apiVersion: metallb.io/v1beta1 -kind: L2Advertisement -metadata: - name: internalapi - namespace: metallb-system -spec: - interfaces: - - internalapi - ipAddressPools: - - internalapi ---- -apiVersion: metallb.io/v1beta1 -kind: L2Advertisement -metadata: - name: storage - namespace: metallb-system -spec: - interfaces: - - storage - ipAddressPools: - - storage ---- -apiVersion: metallb.io/v1beta1 -kind: L2Advertisement -metadata: - name: swift - namespace: metallb-system -spec: - interfaces: - - swift - ipAddressPools: - - swift ---- -apiVersion: metallb.io/v1beta1 -kind: L2Advertisement -metadata: - name: tenant - namespace: metallb-system -spec: - interfaces: - - tenant - ipAddressPools: - - tenant ---- -apiVersion: network.openstack.org/v1beta1 -kind: NetConfig -metadata: - name: netconfig - namespace: openstack -spec: - networks: - - dnsDomain: ctlplane.example.com - mtu: 1500 - name: ctlplane - subnets: - - allocationRanges: - - end: 192.168.122.120 - start: 192.168.122.100 - - end: 192.168.122.170 - start: 192.168.122.150 - cidr: 192.168.122.0/24 - gateway: 192.168.122.1 - name: subnet1 - - dnsDomain: internalapi.example.com - mtu: 1496 - name: internalapi - subnets: - - allocationRanges: - - end: 172.17.0.250 - start: 172.17.0.100 - cidr: 172.17.0.0/24 - name: subnet1 - vlan: 20 - - dnsDomain: external.example.com - mtu: 1496 - name: external - subnets: - - allocationRanges: - - end: 172.21.0.250 - start: 172.21.0.100 - cidr: 172.21.0.0/24 - name: subnet1 - vlan: 44 - - dnsDomain: storage.example.com - mtu: 1496 - name: storage - subnets: - - allocationRanges: - - end: 172.18.0.250 - start: 172.18.0.100 - cidr: 172.18.0.0/24 - name: subnet1 - vlan: 21 - - dnsDomain: tenant.example.com - mtu: 1496 - name: tenant - subnets: - - allocationRanges: - - end: 172.19.0.250 - start: 172.19.0.100 - cidr: 172.19.0.0/24 - name: subnet1 - vlan: 22 - - dnsDomain: swift.example.com - mtu: 1500 - name: swift - subnets: - - allocationRanges: - - end: 172.22.0.250 - start: 172.22.0.100 - cidr: 172.22.0.0/24 - name: subnet1 - vlan: 25 - - dnsDomain: storagemgmt.example.com - mtu: 1500 - name: storagemgmt - subnets: - - allocationRanges: - - end: 172.20.0.250 - start: 172.20.0.100 - cidr: 172.20.0.0/24 - name: subnet1 - vlan: 23 \ No newline at end of file diff --git a/va/adoption/README.md b/va/adoption/README.md deleted file mode 100644 index 522d5615b..000000000 --- a/va/adoption/README.md +++ /dev/null @@ -1,11 +0,0 @@ -# VA: HCI - -If you are looking for information on how to deploy the HCI VA, then -please see the -[HCI README in the examples directory](../../examples/va/hci/README.md). - -This directory, `architecture/va/hci/`, exists so that the -[kustomization.yaml](../../examples/va/hci/kustomization.yaml) -in the examples directory for the HCI VA, reference it by path as a -component. Its contents are likely uninteresting unless you want to -understand how kustomize was implemented in this repository. diff --git a/va/adoption/kustomization.yaml b/va/adoption/kustomization.yaml deleted file mode 100644 index f0e686cc0..000000000 --- a/va/adoption/kustomization.yaml +++ /dev/null @@ -1,75 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1alpha1 -kind: Component - -transformers: - # Set namespace to OpenStack on all namespaced objects without a namespace - - |- - apiVersion: builtin - kind: NamespaceTransformer - metadata: - name: _ignored_ - namespace: openstack - setRoleBindingSubjects: none - unsetOnly: true - fieldSpecs: - - path: metadata/name - kind: Namespace - create: true - -components: - - ../../lib/networking/metallb - - networking/metallb - - ../../lib/networking/netconfig - - networking/netconfig - - ../../lib/networking/nad - - networking/nad - -# Add storagemgmt network template, as it is needed for CephHCI -patches: - - target: - version: v1beta1 - kind: NetConfig - name: netconfig - patch: |- - - op: add - path: /spec/networks/- - value: - dnsDomain: _replaced_ - name: storagemgmt - subnets: - - _replaced_ - mtu: 1500 - -# Add storagemgmt network replacements -replacements: - # NetConfig dnsDomain specific to this VA - - source: - kind: ConfigMap - name: network-values - fieldPath: data.storagemgmt.dnsDomain - targets: - - select: - kind: NetConfig - fieldPaths: - - spec.networks.[name=storagemgmt].dnsDomain - # NetConfig MTU specific to this VA - - source: - kind: ConfigMap - name: network-values - fieldPath: data.storagemgmt.mtu - targets: - - select: - kind: NetConfig - fieldPaths: - - spec.networks.[name=storagemgmt].mtu - # NetConfig subnets specific to this VA - - source: - kind: ConfigMap - name: network-values - fieldPath: data.storagemgmt.subnets - targets: - - select: - kind: NetConfig - fieldPaths: - - spec.networks.[name=storagemgmt].subnets diff --git a/va/adoption/namespace.yaml b/va/adoption/namespace.yaml deleted file mode 100644 index 60a6e8c42..000000000 --- a/va/adoption/namespace.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -apiVersion: builtin -kind: NamespaceTransformer -metadata: - name: _ignored_ - namespace: openstack -setRoleBindingSubjects: none -unsetOnly: true -fieldSpecs: - - path: metadata/name - kind: Namespace - create: true diff --git a/va/adoption/networking/metallb/kustomization.yaml b/va/adoption/networking/metallb/kustomization.yaml deleted file mode 100644 index 94b3620d3..000000000 --- a/va/adoption/networking/metallb/kustomization.yaml +++ /dev/null @@ -1,36 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1alpha1 -kind: Component - -resources: - - metallb_l2advertisement.yaml - - ocp_ip_pools.yaml - -replacements: - - source: - kind: ConfigMap - name: network-values - fieldPath: data.swift.lb_addresses - targets: - - select: - group: metallb.io - kind: IPAddressPool - name: swift - fieldPaths: - - spec.addresses - options: - create: true - - - source: - kind: ConfigMap - name: network-values - fieldPath: data.swift.iface - targets: - - select: - group: metallb.io - kind: L2Advertisement - name: swift - fieldPaths: - - spec.interfaces.0 - options: - create: true diff --git a/va/adoption/networking/metallb/metallb_l2advertisement.yaml b/va/adoption/networking/metallb/metallb_l2advertisement.yaml deleted file mode 100644 index 651c26eda..000000000 --- a/va/adoption/networking/metallb/metallb_l2advertisement.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -apiVersion: metallb.io/v1beta1 -kind: L2Advertisement -metadata: - name: swift - namespace: metallb-system -spec: - ipAddressPools: - - swift - interfaces: - - _replaced_ diff --git a/va/adoption/networking/metallb/ocp_ip_pools.yaml b/va/adoption/networking/metallb/ocp_ip_pools.yaml deleted file mode 100644 index a7945afa1..000000000 --- a/va/adoption/networking/metallb/ocp_ip_pools.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -apiVersion: metallb.io/v1beta1 -kind: IPAddressPool -metadata: - namespace: metallb-system - name: swift - labels: - osp/lb-addresses-type: standard diff --git a/va/adoption/networking/nad/kustomization.yaml b/va/adoption/networking/nad/kustomization.yaml deleted file mode 100644 index 1ce809c3f..000000000 --- a/va/adoption/networking/nad/kustomization.yaml +++ /dev/null @@ -1,35 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1alpha1 -kind: Component - -transformers: - # Set namespace to OpenStack on all namespaced objects without a namespace - - |- - apiVersion: builtin - kind: NamespaceTransformer - metadata: - name: _ignored_ - namespace: openstack - setRoleBindingSubjects: none - unsetOnly: true - fieldSpecs: - - path: metadata/name - kind: Namespace - create: true - -resources: - - ocp_networks_netattach.yaml - -replacements: - - source: - kind: ConfigMap - name: network-values - fieldPath: data.swift.net-attach-def - targets: - - select: - kind: NetworkAttachmentDefinition - name: swift - fieldPaths: - - spec.config - options: - create: true diff --git a/va/adoption/networking/nad/ocp_networks_netattach.yaml b/va/adoption/networking/nad/ocp_networks_netattach.yaml deleted file mode 100644 index da7763fad..000000000 --- a/va/adoption/networking/nad/ocp_networks_netattach.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -apiVersion: k8s.cni.cncf.io/v1 -kind: NetworkAttachmentDefinition -metadata: - name: swift - labels: - osp/net: swift - osp/net-attach-def-type: standard diff --git a/va/adoption/networking/netconfig/kustomization.yaml b/va/adoption/networking/netconfig/kustomization.yaml deleted file mode 100644 index b18740075..000000000 --- a/va/adoption/networking/netconfig/kustomization.yaml +++ /dev/null @@ -1,36 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1alpha1 -kind: Component - -patches: - - target: - kind: NetConfig - patch: |- - - op: add - path: /spec/networks/- - value: - name: swift - mtu: 1500 - dnsDomain: _replaced_ - subnets: - - _replaced_ - -replacements: - - source: - kind: ConfigMap - name: network-values - fieldPath: data.swift.dnsDomain - targets: - - select: - kind: NetConfig - fieldPaths: - - spec.networks.[name=swift].dnsDomain - - source: - kind: ConfigMap - name: network-values - fieldPath: data.swift.subnets - targets: - - select: - kind: NetConfig - fieldPaths: - - spec.networks.[name=swift].subnets diff --git a/va/adoption/nncp/kustomization.yaml b/va/adoption/nncp/kustomization.yaml deleted file mode 100644 index 9c29c7007..000000000 --- a/va/adoption/nncp/kustomization.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1alpha1 -kind: Component - -transformers: - # Set namespace to OpenStack on all namespaced objects without a namespace - - |- - apiVersion: builtin - kind: NamespaceTransformer - metadata: - name: _ignored_ - namespace: openstack - setRoleBindingSubjects: none - unsetOnly: true - fieldSpecs: - - path: metadata/name - kind: Namespace - create: true - -components: - - ../../../lib/nncp